<?php
/*
YHM (Your Hosting Manager) - Copyright 2010 All Rights Reserved. - YHM Group
Released under the Simplified BSD Licence.

Website: http://yhm.co.uk
Licence: http://yhm.co.uk/about/#licence

file: admin/servers.php
author: Kieran D. (Polarbear541)
*/

//Init Includes, Sessions and Page Info
// Shared bootstrap from the parent directory. Presumably this is where checklogin_admin(),
// redirect() and TABLE_PREFIX (all used further down) are defined -- verify in global.php.
require_once("../global.php");
// The session must be open before the login check and before $_SESSION is read below.
session_start();
// Access gate for the whole page; it runs before any output or database work.
// NOTE(review): every action below relies on this call ending the request for a visitor who is
// not a logged-in admin. Confirm that it exits or redirects rather than just returning.
checklogin_admin();
// Name of the logged-in user as recorded in the session.
$username = $_SESSION['user_name'];
// Page identifier; presumably read by header.php to mark the active section -- TODO confirm.
$page = "settings";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>YHM - Admin CP - Servers</title>
<meta http-equiv="Content-Language" content="English" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="../style.css" media="screen" />
</head>
<body>

<?php /* header.php is taken from this directory and runs in this script's scope, so it can see $username and $page set above. */ include('./header.php'); ?>

<div id="content">
	
	<?php
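	//Assign Variables
	//Both values come straight from the query string, so they are normalised before any use.
	//A missing or non-string action falls through to the listing branch at the bottom.
	$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : "";
	//id is accepted only as a run of decimal digits and is carried as an integer from here on.
	//It is interpolated into SQL and into HTML attributes below; escaping the raw string was not
	//enough where a query used it unquoted (WHERE id=$id) or where it was echoed into a
	//single-quoted attribute. Anything else becomes 0, which empty() treats as "no id given".
	$id = (isset($_GET['id']) && is_string($_GET['id']) && preg_match('/^[0-9]+$/D', $_GET['id'])) ? (int) $_GET['id'] : 0;

	//NOTE(review): do_create, do_edit and delete change data without an anti-CSRF token, and delete
	//is reachable through a plain GET link. A per-session token checked on these three actions
	//(with delete moved to POST) is the usual mitigation; it is not added here because it would
	//have to match however the rest of the admin area handles sessions and forms.

	//Read the submitted server fields once, for both do_create and do_edit, so the two paths
	//validate and escape identically. They are kept in $server rather than in loose variables so
	//that $username, assigned from the session at the top of the file, is not overwritten.
	$server = array(); //field => trimmed, HTML-encoded value (the form that gets stored)
	$sql = array();    //field => same value escaped for use inside a quoted SQL literal
	$status = "0";
	$missing = true;
	if ($action === "do_create" || $action === "do_edit")
	{
		//Undo magic_quotes_gpc where an old runtime still applies it; this is what the
		//stripslashes() in the previous do_edit code appears to have been aimed at. Applied
		//after mysql_real_escape_string(), as before, it removed the SQL escaping again.
		//NOTE(review): if global.php already strips magic quotes, drop this step.
		$stripMagic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

		foreach (array('name', 'username', 'hash', 'hostname', 'ns1', 'ns2') as $field)
		{
			$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
			if ($stripMagic)
			{
				$value = stripslashes($value);
			}
			//Order matters: trim and HTML-encode the plain value first, SQL-escape last.
			//NOTE(review): values are HTML-encoded before storage because the create path already
			//did that and other pages may print these columns as-is; confirm before moving to
			//encode-on-output only.
			$server[$field] = htmlspecialchars(trim($value), ENT_QUOTES, 'UTF-8');
			$sql[$field] = mysql_real_escape_string($server[$field]);
		}

		//The checkbox only ever maps to "1" or "0", so nothing user-supplied reaches the query.
		$status = (isset($_POST['active']) && $_POST['active'] === "active") ? "1" : "0";
		//Strict comparison so that a literal "0" counts as a filled-in field.
		$missing = in_array("", $server, true);
	}

	if ($action === "create") //If creating show form
	{
		echo "<h2>Creating Server</h2>";

		echo "<form action='./servers.php?action=do_create' method='POST'>
Name: <input type='text' name='name' /> Username: <input type='text' name='username' /><br /><br />
Hash: <br /><textarea name='hash' style='width:280px;height:200px;'></textarea><br /><br />
Hostname: <input type='text' name='hostname' /> Ns1: <input type='text' name='ns1' /> Ns2: <input type='text' name='ns2' /><br /><br />
Active: <input type='checkbox' name='active' value='active' checked='yes' /><br /><br />
<input type='submit' value='Submit'></form><br />";
	}

	elseif ($action === "do_create") //If doing the creation run queries after standard checks
	{
		if ($missing)
		{
			echo "<h2>There was a Problem!</h2>";
			echo "Please fill in all the fields!<br />";
			echo "<a href='./servers.php?action=create'>Click here to go back</a><br />";
		}

		else
		{
			//Positional insert: the first column (NULL) is left to the database, the rest follow the form order.
			$createserv = mysql_query("INSERT INTO ".TABLE_PREFIX."servers VALUES (NULL, '{$sql['name']}','{$sql['username']}','{$sql['hash']}','{$sql['hostname']}','{$sql['ns1']}','{$sql['ns2']}','$status')");

			if (!$createserv) //Error Handling
			{
				echo "<h2>There was a Problem!</h2>";
				//The driver message can repeat parts of the submitted input, so encode it for HTML.
				echo "Error " . mysql_errno() . ": Query Failed" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
				echo "<a href='./servers.php?action=create'>Click here to go back</a><br />";
			}
			else
			{
				echo "<h2>Server Created Successfully</h2>";
				echo "<a href='./servers.php'>Click here to go back if not redirected</a><br />";
				redirect("./servers.php", 2);
			}
		}
	}

	elseif ($action === "edit") //If editing show form
	{
		//Messages are echoed instead of passed to die() so the footer and closing tags still render.
		if (empty($id))
		{
			echo "Please specify a server id to edit!<br /><br /><a href='./servers.php'>Click here to go back</a><br />";
		}

		else
		{
			//Run Queries to get id info
			$query = mysql_query("SELECT * FROM ".TABLE_PREFIX."servers WHERE id='$id'");
			$row = $query ? mysql_fetch_array($query) : false;

			if (!$query) //Error Handling
			{
				echo "<h2>There was a Problem!</h2>";
				echo "Error " . mysql_errno() . ": Query Failed" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
				echo "<a href='./servers.php'>Click here to go back</a><br />";
			}

			//The fetched row itself decides whether the server exists. Comparing against MAX(id)
			//accepted any id below the maximum, including rows that had since been deleted.
			elseif (!$row)
			{
				echo "The server you requested does not exist.<br /><br /><a href='./servers.php'>Click here to go back</a><br />";
			}

			else
			{
				//Encode every column for HTML output. double_encode is off so rows that were
				//stored already encoded are not encoded twice, while rows stored raw by the
				//older edit code can no longer break out of the single-quoted attributes.
				$safe = array();
				foreach ($row as $column => $value)
				{
					$safe[$column] = htmlspecialchars($value, ENT_QUOTES, 'UTF-8', false);
				}

				//Always defined, so an inactive server no longer prints an undefined variable.
				$checked = ($row['status'] == "1") ? "checked='checked'" : "";

				//NOTE(review): the stored hash is sent back to the browser in full. If it is an
				//access credential for the server (not confirmed from this file), consider leaving
				//the field blank and only overwriting the stored value when a new one is entered.
				echo "<h2>Editing Server - {$safe['name']}</h2>";

				echo "<form action='./servers.php?action=do_edit&id=$id' method='POST'>
Name: <input type='text' name='name' value='{$safe['name']}' /> Username: <input type='text' name='username' value='{$safe['user']}' /><br /><br />
Hash: <br /><textarea name='hash' style='width:280px;height:200px;'>{$safe['hash']}</textarea><br /><br />
Hostname: <input type='text' name='hostname' value='{$safe['hostname']}' /> Ns1: <input type='text' name='ns1' value='{$safe['ns1']}' /> Ns2: <input type='text' name='ns2' value='{$safe['ns2']}' /><br /><br />
Active: <input type='checkbox' name='active' value='active' $checked /><br /><br />
<input type='submit' value='Submit'></form><br />";
			}
		}
	}

	elseif ($action === "do_edit") //If doing the edit run queries after standard checks
	{
		if ($missing)
		{
			echo "<h2>There was a Problem!</h2>";
			echo "Please fill in all the fields!<br />";
			echo "<a href='./servers.php?action=edit&id=$id'>Click here to go back</a><br />";
		}

		elseif (!empty($id)) //Check if ID exists
		{
			//$id is an integer here and every value is escaped inside quotes.
			$editserv = mysql_query("UPDATE ".TABLE_PREFIX."servers SET name='{$sql['name']}', user='{$sql['username']}', hash='{$sql['hash']}', hostname='{$sql['hostname']}', ns1='{$sql['ns1']}', ns2='{$sql['ns2']}', status='$status' WHERE id='$id'");

			if (!$editserv) //Error Handling
			{
				echo "<h2>There was a Problem!</h2>";
				echo "Error " . mysql_errno() . ": Query Failed" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
				echo "<a href='./servers.php?action=edit&id=$id'>Click here to go back</a><br />";
			}
			else
			{
				echo "<h2>Server Edited Successfully</h2>";
				echo "<a href='./servers.php'>Click here to go back if not redirected</a><br />";
				redirect("./servers.php", 2);
			}
		}

		else //No usable id: say so instead of rendering an empty page
		{
			echo "<h2>There was a Problem!</h2>";
			echo "Please specify a server id to edit!<br /><a href='./servers.php'>Click here to go back</a>";
		}
	}

	elseif ($action === "delete") //If Deleting Run Queries
	{
		if (empty($id)) //Check if ID exists
		{
			echo "<h2>There was a Problem!</h2>";
			echo "Please specify a server id to delete!<br /><a href='./servers.php'>Click here to go back</a>";
		}

		else
		{
			$delete = mysql_query("DELETE from ".TABLE_PREFIX."servers WHERE id='$id'");

			if (!$delete) //Error Handling
			{
				echo "<h2>There was a Problem!</h2>";
				echo "Error " . mysql_errno() . ": Query Failed" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
				echo "<a href='./servers.php'>Click here to go back</a><br />";
			}

			else
			{
				echo "<h2>Server Deleted Successfully</h2>";
				echo "<a href='./servers.php'>Click here to go back if not redirected</a><br />";
				redirect("./servers.php", 2);
			}
		}
	}

	else //Else list all
	{
		echo "<h2>Servers - <a href='./servers.php?action=create'>Create</a></h2>";

		//Query before the table is opened so a failure does not leave half a table on the page.
		$getservers = mysql_query("SELECT * from ".TABLE_PREFIX."servers ORDER by id DESC");

		if (!$getservers) //Error Handling
		{
			echo "Error: Query Failed" . htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
		}

		else
		{
			echo "<table width='100%'>
<thead align='left'>
<th>Name</th>
<th>Username</th>
<th>Hostname</th>
<th>NS1</th>
<th>NS2</th>
<th>Status</th>
<th>Options</th>
</thead>
<tbody>";

			while ($serverlist = mysql_fetch_array($getservers))
			{
				//Convert Status ID's to Languages - 1:Active 0:Disabled
				//Computed fresh for each row so a label can never carry over from the previous one.
				$status = ($serverlist['status'] == "1") ? "Active" : "Disabled";

				//Encode on output as well: rows written by the older edit code may hold raw markup.
				$rowid = (int) $serverlist['id'];
				$cell = array();
				foreach (array('name', 'user', 'hostname', 'ns1', 'ns2') as $column)
				{
					$cell[$column] = htmlspecialchars($serverlist[$column], ENT_QUOTES, 'UTF-8', false);
				}

				echo "<tr>";
				echo "<td><a href='./servers.php?action=edit&id=$rowid'>{$cell['name']}</a></td>";
				echo "<td>{$cell['user']}</td>";
				echo "<td>{$cell['hostname']}</td>";
				echo "<td>{$cell['ns1']}</td>";
				echo "<td>{$cell['ns2']}</td>";
				echo "<td>$status</td>";
				echo "<td><a href='./servers.php?action=edit&id=$rowid'><img src='../images/edit.png' title='Edit' alt='Edit' /></a> <a href='./servers.php?action=delete&id=$rowid'><img src='../images/delete.png' title='Delete' alt='Delete' /></a></td>";
				echo "</tr>";
			}

			echo "</tbody></table>";
		}
	}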
	?>

	<?php /* footer.php is taken from the parent directory (header.php is local) and is emitted inside the #content div, which closes just below. */ include('../footer.php'); ?>

</div>
</body>
</html>